| Message ID | 20160426225614.13567.47487.stgit@tlendack-t1.amdoffice.net (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Tue 2016-04-26 17:56:14, Tom Lendacky wrote: > Provide the Kconfig support to build the SME support in the kernel. Probably should go last in the series? > Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> > --- > arch/x86/Kconfig | 9 +++++++++ > 1 file changed, 9 insertions(+) > > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig > index 7bb1574..13249b5 100644 > --- a/arch/x86/Kconfig > +++ b/arch/x86/Kconfig > @@ -1356,6 +1356,15 @@ config X86_DIRECT_GBPAGES > supports them), so don't confuse the user by printing > that we have them enabled. > > +config AMD_MEM_ENCRYPT > + bool "Secure Memory Encryption support for AMD" > + depends on X86_64 && CPU_SUP_AMD > + ---help--- > + Say yes to enable the encryption of system memory. This requires > + an AMD processor that supports Secure Memory Encryption (SME). > + The encryption of system memory is disabled by default but can be > + enabled with the mem_encrypt=on command line option. > + > # Common NUMA Features > config NUMA > bool "Numa Memory Allocation and Scheduler Support"
On 03/22/2016 08:01 AM, Pavel Machek wrote: > On Tue 2016-04-26 17:56:14, Tom Lendacky wrote: >> Provide the Kconfig support to build the SME support in the kernel. > > > Probably should go last in the series? Yeah, I've seen arguments both ways for this. Doing it early allows compiling and testing with it enabled and doing it late doesn't enable anything until it's all there. I just chose the former. Thanks, Tom > >> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> >> --- >> arch/x86/Kconfig | 9 +++++++++ >> 1 file changed, 9 insertions(+) >> >> diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig >> index 7bb1574..13249b5 100644 >> --- a/arch/x86/Kconfig >> +++ b/arch/x86/Kconfig >> @@ -1356,6 +1356,15 @@ config X86_DIRECT_GBPAGES >> supports them), so don't confuse the user by printing >> that we have them enabled. >> >> +config AMD_MEM_ENCRYPT >> + bool "Secure Memory Encryption support for AMD" >> + depends on X86_64 && CPU_SUP_AMD >> + ---help--- >> + Say yes to enable the encryption of system memory. This requires >> + an AMD processor that supports Secure Memory Encryption (SME). >> + The encryption of system memory is disabled by default but can be >> + enabled with the mem_encrypt=on command line option. >> + >> # Common NUMA Features >> config NUMA >> bool "Numa Memory Allocation and Scheduler Support" > -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Wed 2016-04-27 10:17:36, Tom Lendacky wrote: > On 03/22/2016 08:01 AM, Pavel Machek wrote: > > On Tue 2016-04-26 17:56:14, Tom Lendacky wrote: > >> Provide the Kconfig support to build the SME support in the kernel. > > > > > > Probably should go last in the series? > > Yeah, I've seen arguments both ways for this. Doing it early > allows compiling and testing with it enabled and doing it late > doesn't enable anything until it's all there. I just chose the > former. Doing it early will break bisect, right? Pavel > >> +config AMD_MEM_ENCRYPT > >> + bool "Secure Memory Encryption support for AMD" > >> + depends on X86_64 && CPU_SUP_AMD > >> + ---help--- > >> + Say yes to enable the encryption of system memory. This requires > >> + an AMD processor that supports Secure Memory Encryption (SME). > >> + The encryption of system memory is disabled by default but can be > >> + enabled with the mem_encrypt=on command line option. > >> + > >> # Common NUMA Features > >> config NUMA > >> bool "Numa Memory Allocation and Scheduler Support" > >
On Wed, Apr 27, 2016 at 05:30:10PM +0200, Pavel Machek wrote:
> Doing it early will break bisect, right?
How exactly? Please do tell.
On Wed 2016-04-27 17:41:40, Borislav Petkov wrote: > On Wed, Apr 27, 2016 at 05:30:10PM +0200, Pavel Machek wrote: > > Doing it early will break bisect, right? > > How exactly? Please do tell. Hey look, SME slowed down 30% since being initially merged into kernel! Pavel
On 27/04/16 17:41, Pavel Machek wrote: > On Wed 2016-04-27 17:41:40, Borislav Petkov wrote: >> On Wed, Apr 27, 2016 at 05:30:10PM +0200, Pavel Machek wrote: >>> Doing it early will break bisect, right? >> >> How exactly? Please do tell. > > Hey look, SME slowed down 30% since being initially merged into > kernel! As opposed to "well, bisection shows these n+1 complicated changes are all fine and the crash is down to this Kconfig patch", presumably. I'm sure we all love spending a whole afternoon only to find that, right? :P Robin. > Pavel > -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Wed, Apr 27, 2016 at 06:41:37PM +0200, Pavel Machek wrote: > Hey look, SME slowed down 30% since being initially merged into > kernel! How is that breaking bisection?
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 7bb1574..13249b5 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1356,6 +1356,15 @@ config X86_DIRECT_GBPAGES supports them), so don't confuse the user by printing that we have them enabled. +config AMD_MEM_ENCRYPT + bool "Secure Memory Encryption support for AMD" + depends on X86_64 && CPU_SUP_AMD + ---help--- + Say yes to enable the encryption of system memory. This requires + an AMD processor that supports Secure Memory Encryption (SME). + The encryption of system memory is disabled by default but can be + enabled with the mem_encrypt=on command line option. + # Common NUMA Features config NUMA bool "Numa Memory Allocation and Scheduler Support"
Provide the Kconfig support to build the SME support in the kernel. Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> --- arch/x86/Kconfig | 9 +++++++++ 1 file changed, 9 insertions(+) -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html